On 31 March 2014 15:16, Michael S. Tsirkin <m...@redhat.com> wrote: > CVE-2013-4526 > > Within hw/ide/ahci.c, VARRAY refers to ports which is also loaded. So > we use the old version of ports to read the array but then allow any > value for ports. This can cause the code to overflow. > > There's no reason to migrate ports - it never changes. > So just make sure it matches. > > Reported-by: Anthony Liguori <anth...@codemonkey.ws> > Signed-off-by: Michael S. Tsirkin <m...@redhat.com> > ---
Reviewed-by: Peter Maydell <peter.mayd...@linaro.org> -- PMM
